<html> <script language=javascript> setTimeout('window.location="../view/login.php"',500) </script> </html>
<?php
	header('Content-Type:text/html;charset=UTF-8');
	require('mysql.php');
	$id = $_POST['username'];
	$password = MD5($_POST['password']);
	$user_type = $_POST['user'];
	$passcode=$_POST['checkcode'];
	session_start();
	if ($passcode!=isset($_SESSION['code'])){
	echo '验证码错误！';
	header("Location:/libraryoa/view/login.php?errno=2");
	exit();
	}
	if ($user_type == 'student') {
		$_SESSION['usertype']='s';
		$sql_id= "select * from studentworkinlibrary where studentid='$id'";
		$res = mysql_query($sql_id);
	}else {
		$_SESSION['usertype']='t';
		$sql_id= "select * from teach where teachid='$id'";
		$res = mysql_query($sql_id);
	}
	
	if ($row = mysql_fetch_row($res) ==null){
		echo "用户名出错!";
		echo '<a href ="/libraryoa/view/login.php">';
		echo '点击此处返回重新登陆';
		echo '</a>';
	}else{
		if ($user_type == 'student'){
			
			$sql = "select studentpass from studentworkinlibrary where studentid='$id'";
			$res=mysql_query($sql);
			$sql_name ="select studentname from allstudent where studentid='$id'";
			$res_name=mysql_query($sql_name);
			$row_name = mysql_fetch_row($res_name);
			$name =$row_name[0];
		}
		else {
			
			$sql = "select teacherpass from teach where teachid='$id'";
			$res=mysql_query($sql);
			$sql_name ="select teachname from teach where teachid='$id'";
			$res_name=mysql_query($sql_name);
			$row_name = mysql_fetch_row($res_name);
			$name =$row_name[0];
		}
		while ($row = mysql_fetch_row($res)){
			if ($row[0] != $password){
				echo "密码出错,";
				
			}else {
				
				  $lifetime=60;//保
                 session_start();
                  //setcookie(session_name(),session_id(),time()+$lifetime,"/");
               //  注册登陆成功的 admin 变量，并赋值 true
                 $_SESSION["admin"] = $name;
                 $_SESSION["usercode"] = $id;
				$url = "/libraryoa/view/main.php?name=".$name;
				Header("HTTP/1.1 303 See Other");
				Header("Location: $url");
				exit;
			}
		}
	}
	
?>